1bc1b144b26234843cc7825e0644510d_JaffaCakes118

General

Target

1bc1b144b26234843cc7825e0644510d_JaffaCakes118
Size

186KB
MD5

1bc1b144b26234843cc7825e0644510d
SHA1

c43b3989e5a9667f9e5541995b9a82138c5eaa54
SHA256

4cfea91fea440dc9c5f02a2d7a6a6c5d0e816d8a27db7602375552613127e51b
SHA512

303a37c7be986bfd1198555ec189a2edc504699e8fe152d24ddc39aa81ad3679f49223165f88c5ad634f2c24149fd9ec69bcef32e82a3ede9de1162380ad3e71
SSDEEP

3072:SBQerWE/RNj3AmI5PSRfTz8gpTcNCsneeWjFaZh7AHJi8++fsaZqjvzi2y4/oHb1:SBQeL/R13AnwFI5nee0FawJi8++0aZqM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bc1b144b26234843cc7825e0644510d_JaffaCakes118

Files

1bc1b144b26234843cc7825e0644510d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d6fb769fb36de7fe8f3a0c7315374d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

CreateWindowExW
SendMessageA
EnumChildWindows
DestroyWindow
GetDlgItem
IsWindow
GetWindowThreadProcessId

kernel32

AddAtomA
TlsAlloc
UnhandledExceptionFilter
SetLastError
HeapDestroy
GetCPInfo
HeapCreate
GetEnvironmentStrings
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetOEMCP
VirtualAlloc
GetStdHandle
GetCurrentProcess
GetFileType
GetVersionExA
GetACP
EnumResourceLanguagesA
InterlockedExchange
GetCurrentProcessId
GetStartupInfoA
HeapSize
VirtualQuery
TlsGetValue
GetSystemInfo
WriteFile
GetModuleFileNameA
SetHandleCount
TlsSetValue
FormatMessageW
TerminateProcess
GetEnvironmentStringsW
TlsFree
SetEndOfFile
GetLocaleInfoA
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsW
QueryPerformanceCounter
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 100KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d6fb769fb36de7fe8f3a0c7315374d1

Headers

File Characteristics

Imports

setupapi

mprapi

user32

kernel32

shell32

newdev

iphlpapi

Sections

.text Size: 100KB - Virtual size: 243KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 243KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB